18日 金曜日、仏滅

+ UPDATE: MS16-133 - 重要 Microsoft Office 用のセキュリティ更新プログラム (3199168)
https://technet.microsoft.com/ja-jp/library/security/MS16-133

+ Wireshark 2.2.2, 2.0.8 Released
https://www.wireshark.org/docs/relnotes/wireshark-2.2.2.html
https://www.wireshark.org/docs/relnotes/wireshark-2.0.8.html

+ UPDATE: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: November 2016
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161114-openssl

+ SA73703 Wireshark Multiple Denial of Service Vulnerabilities
https://secunia.com/advisories/73703/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9372
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9373
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9374
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9375
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9376

+ Nginx (Debian-Based Distros) Root Privilege Escalation
https://cxsecurity.com/issue/WLB-2016110140
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1247

+ Wireshark Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/94369
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9373
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9374
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9375
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9376

+ Wireshark Profinet I/O Dissector CVE-2016-9372 Denial of Service Vulnerability
http://www.securityfocus.com/bid/94368
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9372

+ Linux Kernel 'EXT4 image' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/94354

VU#624539 Ragentek Android OTA update mechanism vulnerable to MITM attack
https://www.kb.cert.org/vuls/id/624539

JVNVU#97326740 WordPress 用プラグイン NextGEN Gallery に PHP リモートファイルインクルージョンの脆弱性
http://jvn.jp/vu/JVNVU97326740/index.html

ニュース解説
「メリットが見えない」、盛り上がり欠ける情報処理安全確保支援士
http://itpro.nikkeibp.co.jp/atcl/column/14/346926/111600700/?ST=security&itp_list_theme

記者の眼
AIやIoTがプライバシーを侵害しないためにできること
http://itpro.nikkeibp.co.jp/atcl/watcher/14/334361/111600722/?ST=security&itp_list_theme

IoTウイルス「Mirai」の攻撃が活発化か、TELNETを狙ったパケットが急増
http://itpro.nikkeibp.co.jp/atcl/news/16/111703414/?ST=security&itp_list_theme